When it comes to security, organizations have a lot of moving parts to consider. From mobile and desktop devices to servers, line-of-business applications, cloud storage, social media accounts, and more—these are all resources that can contain sensitive company information. Naturally, it’s important to minimize the security risk associated with these channels to help protect enterprise assets.
For many years, privileged user credentials have offered a solution: only specific individuals have the greatest levels of access to the most sensitive company infrastructure and data. While this is a crucial component in the context of the overall security architecture, the trust, authority, and access granted to privileged users also marks these accounts as ‘highly desirable’ for malicious hackers.
The Forrester Wave: Privileged Identity Management, Q3 2016 Report estimates that 80% of security breaches involve privileged credentials, and states that privileged credentials provide greater scope for stealing data en masse compared to individual accounts. The report also recognizes that privileged identity management demands an integrated approach that includes multi-factor authentication (MFA) and security assertion markup language (SAML) compatibility.
To ensure that sensitive data is not compromised via privileged credentials, it is absolutely necessary for organizations to deploy proper security precautions, and to be mindful of which users and assets to grant privileges to. Implementing two-factor authentication (2FA) or MFA for administrative access to web applications and other devices that store vital information is an effective way to mitigate these threats. Extending the use of strong authentication to your entire end-user base can also reduce the threat and effectiveness of stolen credentials.
Yubico and Lieberman Software are working together to protect organizations from credential threats like keylogging, social engineering, and other cyber attacks. With its support for the YubiKey, Lieberman Software enables its customers to implement flexible and cost-effective MFA using the YubiKey One Time Password (OTP) and smart card authentication protocols. For large and complex environments, the integration between Lieberman RED – Rapid Enterprise Defense Identity Management and the YubiKey significantly strengthens security for automated privileged identity and access management.
RED Identity Management secures administrative credentials throughout your IT infrastructure including: super-user login accounts on systems and device, service accounts, SSH keys, application credentials, database admin accounts, and cloud identities. Unlike competing, closed solutions, the YubiKey is flexible enough to be re-seeded by authorized IT administrators through the RED Identity Management interface, eliminating the need to rely on third-party vendors to replace compromised tokens.
Protecting privileged credentials is an essential step in protecting your organization’s data. For more information on using Lieberman RED Identity Management with the YubiKey, please contact firstname.lastname@example.org.
Yubico is proud to highlight Lieberman Software as part of an ongoing YubiKey ecosystem awareness program. Visit our Featured Solutions page to learn more about all the products and services that support the YubiKey.